package com.imageflowpro.image_flow_pro.interceptor;

import com.imageflowpro.image_flow_pro.context.BaseContext;
import com.imageflowpro.image_flow_pro.properties.JwtProperties;
import com.imageflowpro.image_flow_pro.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import java.util.Optional;


/**
 * 用户端jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class JwtTokenUserInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;

    /**
     * 校验用户jwt
     *
     */
    public boolean preHandle(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        //1、从请求头中获取令牌
        String token = request.getHeader(jwtProperties.getUserTokenName());
        if (token == null || token.isBlank()) {
            // 如果 header 中都没有，尝试从 cookie 获取
            Optional<String> tokenFromCookie = JwtUtil.getTokenFromCookie(request, jwtProperties.getUserTokenName());
            if(tokenFromCookie.isEmpty()){
                throw new RuntimeException("令牌不存在");
            }
            token = tokenFromCookie.get();
        }
        //2、校验令牌
        try {
            log.info("jwt校验:{}", token);
            Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token);
            Long id = claims.get("id", Long.class);
            if (id == null) {
                throw new IllegalArgumentException("JWT token 缺少 'id' 字段");
            }
            log.info("当前用户id：{}", id);
            //使用ThreadLocal传递当前登录用户的ID
            BaseContext.setCurrentId(id);
            //3、通过，放行
            return true;
        } catch (Exception ex) {
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }
}
